A few months ago, the Irish Data Protection Commission imposed an administrative fine of EUR 225 million on WhatsApp Ireland Limited, declaring the company's data protection notice non-compliant with the General Data Protection Regulation (Regulation (No) 2016/679 or the "GDPR").

This article discusses some practical takeaways from the WhatsApp case to be considered when drafting or updating privacy and data protection notices.